MalwareCleaning

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Thursday, December 2, 2010

new rogue domain: privacyguard2010.com

Posted on 12:44 PM by Unknown
Whois record for privacyguard2010.com

Registrant Contact:
Name: Bayangol Duureg, Undsen Khuuliyn Gudamj 24
Address: 15111 N. Hayden Rd., Ste 160, PMB 353
City: Ulaanbaatar
Country: Mongolia

hxxp://privacyguard2010.com
Result: 3/17 (18 %)
Domain Hash: fec975d80b19c2ec3ce80fac1cd7800b
URLVoid
Note: this page does not trigger a "scan" of your computer, however, you can download a malicious file. Visit at own risk !

Some related domains:
hxxp://pcprotectioncenter.com/
hxxp://privacycorrector.com/
hxxp://pcoptimizer2010.com/
hxxp://psccenter.com/
hxxp://controlcenter2011.com/


The following file was downloaded:
setup.msi
Result: 1/43 (2.3%)
MD5: 92577052e1f4f51cb74d37727d032168
VirusTotal
ThreatExpert Report

This file drops:
PCoptimizer2010.exe
Result: 2/43 (4.7%)
MD5: 6ad932b045a4ac666659d496a81af52d
VirusTotal
Anubis Report
ThreatExpert Report

Screenshot examples:

PrivacyGuard 2010 home page


When executing the file (PCoptimizer2010.exe)
PrivacyGuard 2010 installation wizard
Email ThisBlogThis!Share to XShare to Facebook
Posted in blog update, fakeAV, malware, phishing, rogueware | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • League of Legends RP hack
    I recently blogged about a (still current) scam targeting players of the online game League of Legends: Free Riot codes scam . When re-check...
  • test for the blog
    Just testing ... :-)
  • Gina Lisa Facebook scam
    Yet another Facebook scam, this time luring users with a sextape from Gina Lisa, whom is apparently a German model: Yet another Facebook sca...
  • Increase in malicious spam
    Rodel Mendrez from M86 Security labs has made an excellent post on a Massive Rise in Malicious Spam: http://labs.m86security.com/2011/08/mas...
  • Facebook Support. Personal data has been changed!
    There appears to be a new malicious email being sent out with the subject: " Facebook Support. Personal data has been changed! ID7530...
  • FedEx spam loads malware
    Received an email from (supposedly) FedEx today, seems my parcel was unable to be delivered: Print your receipt!     Mail details: Subject: ...
  • Analysing malicious PDF files
    This is an ongoing blogpost on how to analyse malicious PDF files... More information coming soon... Content coming soon! [...] Source of PD...
  • A word on XDocCrypt/Dorifel/Quervar
    I'm sure everyone has heard by now about the so called XDocCrypt/Dorifel/Quervar malware. It has mostly damaged machines in The Netherla...
  • Malware Puzzle
    A malware (crossword) puzzle you say? Yes! Why not? I've made a puzzle about malware (and security) related keywords. It comes in .PNG f...
  • [SPAM] He found himself leading the process
    Nothing new here, but interesting to note that this type of trick is still going around. I am talking about an email you receive with (appar...

Categories

  • ACH transfer
  • adobe
  • adobe exploit
  • ADP
  • adware
  • affiliate
  • all your data are belong to us
  • antimalware
  • asprox
  • bancos
  • banking trojan
  • basic malware cleaning
  • battle.net
  • blackhole exploit kit
  • blog update
  • botnet
  • brazilian banking trojan
  • brucon
  • change facebook color
  • conduit
  • cracked hotmail
  • credit card blocked
  • crimeware kit
  • CVE-2006-0003
  • CVE-2010-0840
  • CVE-2012-4681
  • cybercrime
  • d3
  • diablo
  • diablo III
  • diablo phishing
  • DLL injection
  • Dorifel
  • dorkbot
  • encryption
  • end of july
  • exploit
  • exploit kit
  • exprez
  • facebook
  • facebook dislike button
  • facebook event
  • facebook scam
  • Facebook spam
  • facepalm
  • Fake Symantec security check
  • fakeAV
  • fareit
  • FedEx
  • FedEx spam
  • first post
  • flv media player
  • foistware
  • free riot code scam
  • free riot codes
  • free riot points
  • free riot points scam
  • free RP generator
  • fun
  • gina lisa
  • google earth
  • google image poisoning
  • google images
  • hacked hotmail
  • Hacked Hotmail accounts
  • hakin9
  • Hewlett-Packard ScanJet
  • hotfile
  • hotmail
  • illegal games
  • infostealer
  • ING
  • IP and RP Hack Download
  • java
  • java exploit
  • kuluoz
  • lame old malware
  • League of Legends
  • League of Legends MultiHack Generator
  • League of Legends RP generator
  • League of Legends RP hack
  • linkedIN
  • LoL
  • LoL RP Hack
  • low detection
  • malvertising
  • malware
  • malware analysis
  • malware analysis lab
  • malware cleaning
  • malware lab
  • malware puzzle
  • malware tools
  • medfos
  • messenger
  • MSN
  • neosploit exploit kit
  • paypal
  • paypal spammail
  • PC Speed Maximizer
  • pcspeedplus
  • PDF
  • phishing
  • poker games
  • potentially unwanted program
  • pricegong
  • PUP
  • pushdo
  • Quervar
  • Question and Answer
  • rabobank
  • ransomware
  • rapidshare
  • redkit exploit kit
  • RemovalTool.exe
  • Riot codes scam
  • Riot points scam
  • roguevertising
  • rogueware
  • rootkit
  • sasfis
  • scam
  • scareware
  • security
  • security conference
  • security.nl
  • skype
  • skype worm
  • social engineering
  • spam
  • spear phishing
  • spim
  • survey scam
  • team cymru
  • technoviking
  • tepfer
  • test
  • trojan
  • twitter
  • United Parcel Service
  • UPS
  • UPS spam
  • verizon spam
  • video
  • vmware
  • wellsfargo
  • whitesmoke
  • Windows Antibreaking System
  • windows live
  • WinMHR
  • worm
  • XDocCrypt
  • yontoo
  • youtube
  • youtube comment spam
  • youtube spam
  • youtube top comments
  • zeus

Blog Archive

  • ►  2013 (18)
    • ►  September (2)
    • ►  August (2)
    • ►  July (1)
    • ►  June (3)
    • ►  May (2)
    • ►  April (1)
    • ►  March (1)
    • ►  February (3)
    • ►  January (3)
  • ►  2012 (14)
    • ►  November (1)
    • ►  October (2)
    • ►  September (2)
    • ►  August (3)
    • ►  July (1)
    • ►  June (2)
    • ►  April (3)
  • ►  2011 (15)
    • ►  December (1)
    • ►  September (1)
    • ►  June (1)
    • ►  April (3)
    • ►  March (1)
    • ►  February (5)
    • ►  January (3)
  • ▼  2010 (14)
    • ▼  December (3)
      • RapidShare used to spread rogueware
      • new rogue: PCoptimizer 2010
      • new rogue domain: privacyguard2010.com
    • ►  November (1)
    • ►  October (6)
    • ►  September (2)
    • ►  August (1)
    • ►  March (1)
Powered by Blogger.

About Me

Unknown
View my complete profile